source: app/Http/Controllers/SessionsController.php@ 8a258ab

main
Last change on this file since 8a258ab was 8a258ab, checked in by bube-ristovska <ristovska725@…>, 4 months ago

hashed passwords

  • Property mode set to 100644
File size: 2.9 KB
RevLine 
[75151c6]1<?php
2
3namespace App\Http\Controllers;
4
[cf84baa]5use App\Models\Officer;
[75151c6]6use Illuminate\Http\Request;
[cf84baa]7use Illuminate\Support\Facades\Auth;
8use Illuminate\Support\Facades\DB;
9use Illuminate\Support\Facades\Session;
[8a258ab]10use Illuminate\Support\Facades\Hash;
[75151c6]11
12class SessionsController extends Controller
13{
[8a258ab]14 function verifyPassword($inputPassword, $storedHash, $salt)
15 {
16 $hashedInputPassword = crypt($inputPassword . $salt, $storedHash);
17
18 return $hashedInputPassword === $storedHash;
19 }
[cf84baa]20 public function store()
21 {
22 $credentials = request()->validate([
23 'badge_no' => 'required',
24 'password' => 'required'
25 ]);
26 $password = $credentials['password'];
27 $badge_no = $credentials['badge_no'];
[69e9f5d]28 // mozhe da se najavi kako policaec i kako officer, znaeme koj e koj po znachkata
29
[cf84baa]30 $policeman = true;
[69e9f5d]31 $is_policeman = DB::select('select * from policeman where badge_no = :badge_no;', ['badge_no' => $badge_no]);
32 $is_officer = DB::select('select * from officer where o_badge_no = :badge_no;', ['badge_no' => $badge_no]);
33 if($is_officer==null && $is_policeman==null) {
34 return back()->withErrors(['password' => 'Invalid credentials']);
[cf84baa]35 }
[69e9f5d]36 if($is_officer!=null) {
37 $pass = DB::select('select o_password from officer where o_badge_no = :o_badge_no;', ['o_badge_no' => $badge_no]);
[8a258ab]38 $salt = DB::select('select salt from officer where o_badge_no = :o_badge_no;', ['o_badge_no' => $badge_no]);
[69e9f5d]39 $policeman = false;
40 } else {
41 $pass = DB::select('select p_password from policeman where badge_no = :badge_no;', ['badge_no' => $badge_no]);
[8a258ab]42 $salt = DB::select('select salt from policeman where badge_no = :badge_no;', ['badge_no' => $badge_no]);
43
[cf84baa]44 }
45
46 foreach ($pass[0] as $key => $val) {
47 $value = $val;
48 break; // Break after the first key-value pair
49 }
[8a258ab]50 foreach ($salt[0] as $key => $val) {
51 $value2 = $val;
52 break; // Break after the first key-value pair
53 }
54 if ($this->verifyPassword($password, $value, $value2)) {
[cf84baa]55 // Authentication passed
56 Session::put('badge_no', $badge_no);
57 Session::put('is_policeman', $policeman);
[d9c4096]58 if($policeman){
[69e9f5d]59 Session::put('pe_id', $is_policeman[0]->pe_id);
[092fcda]60 Session::put('p_id', $is_policeman[0]->p_id);
[d9c4096]61 } else {
[69e9f5d]62 Session::put('pe_id', $is_officer[0]->pe_id);
[d9c4096]63 }
[7e9dadd]64 return view('welcome');
[cf84baa]65 }
66
67 // Authentication failed
68 return back()->withErrors(['password' => 'Invalid credentials']);
69 }
70
71 public function logout()
72 {
73 Session::forget('badge_no');
[69e9f5d]74 Session::forget('p_id');
75 Session::forget('pe_id');
[cf84baa]76 Session::forget('is_policeman');
77 return redirect('/login');
78 }
[75151c6]79}
Note: See TracBrowser for help on using the repository browser.